1. Field of the Invention
The present invention relates to a method of distributing encryption keys among nodes in a mobile ad hoc network, and a network device using the same. More particularly, the present invention relates to a method of distributing encryption keys among nodes in a mobile ad hoc network, and a network device using the same, wherein stable and reliable encryption key distribution between two nodes can be achieved by using predetermined first and second encryption methods in the mobile ad hoc network without an authentication server or key distribution center (KDC) and by transmitting/receiving predetermined parameters for creating a common key according to the second encryption method.
2. Description of the Related Art
Recently, as information communication networks have developed, a variety of information is exchanged via wireless/wired communication networks.
The most commonly used method of encrypting data between two terminals, including over wireless/wired communication networks, is a public key/private key-based data encryption method.
In addition, there is the Diffie-Hellman data encryption method utilizing the Diffie-Hellman key distribution protocol, and an encryption method utilizing a combination of the public/private key-based data encryption method and the Diffie-Hellman data encryption method.
The public key/private key-based data encryption method is also called a public key encryption method and is illustrated in FIG. 1a. 
As shown in FIG. 1a, the operation of an authentication and encryption system based on the public key encryption method includes the process of registering public keys KUa and KUb created at each node with a key distribution center, the process of retrieving, by one node, the other node's public key from the key distribution center in order to perform authentication and encryption between the respective nodes, and the process of sending data encrypted with the other node's public key obtained from the key distribution center.
That is, Node A creates a public and private key (KUa, Pa) and Node B creates a public and private key (KUb, Pb) according to the public key encryption method (hereinafter, simply referred to as “public key” and “private key”), and the nodes send the public key KUa or KUb to the key distribution center so that the public key can be registered therein.
As an example, if Node A intends to communicate with Node B, Node A requests that the key distribution center send Node B's public key KUb in order to transmit authentication information for user authentication to Node B.
When the requested Node B's public key KUb has been received from the key distribution center, the authentication information is encrypted with the public key KUb to create a ciphertext EKUb which in turn is sent to Node B.
Node B decrypts the received ciphertext EKUb with its own private key Pb. The decrypted authentication information of Node A is then used for performing user authentication.
As another example, if Node A, which has been authenticated through the user authentication procedure, intends to transmit a predetermined message as a ciphertext to Node B, Node A encrypts the message by using Node B's public key KUb received from the key distribution center and then sends the resultant ciphertext EKUb to Node B.
Node B receives the ciphertext EKUb, decrypts the received ciphertext EKUb with Node B's private key Pb and then processes the message obtained through decryption.
The Diffie-Hellman encryption method performs encryption by using a common key Z (not shown) created with the Diffie-Hellman key distribution protocol, which is illustrated in FIG. 1b. 
As shown in FIG. 1b, the operation of an authentication and encryption system based on the Diffie-Hellman encryption method is performed on the assumption that both Nodes A and B know global public elements q and α.
Node A creates a private and public key (Xa, Ya) and Node B creates a private and public key (Xb, Yb) according to the Diffie-Hellman encryption method (hereinafter, simply referred to as “Diffie-Hellman private key” and “Diffie-Hellman public key”). Then, Nodes A and B exchange the respective created Diffie-Hellman public keys Ya and Yb with each other.
Then, a common key Z used for encryption is created using the Diffie-Hellman private key of one node and a Diffie-Hellman public key of the other node. Any encrypted ciphertext can be decrypted using each node's own Diffie-Hellman private key.
FIG. 1c illustrates a combination of the public key encryption method and the Diffie-Hellman encryption method.
That is, public keys KUa and KUb provided by Nodes A and B, which have created their own private keys Pa and Pb, are registered with the key distribution center. Then, Nodes A and B create Diffie-Hellman private keys Xa and Xb and Diffie-Hellman public keys Ya and Yb.
Then, Node A encrypts the Diffie-Hellman public key Ya by using Node B's public key KUb provided from the key distribution center and sends the encrypted Diffie-Hellman public key EKUb(Ya) to Node B, while Node B encrypts the Diffie-Hellman public key Yb by using Node A's public key KUa provided from the key distribution center and then sends the encrypted Diffie-Hellman public key EKUa(Yb) to Node A.
Each node that receives the Diffie-Hellman public key EKUb(Ya) or EKUa(Yb), encrypted with either public key KUa or KUb, decrypts the received public key by using its own Diffie-Hellman private key Xa or Xb, and creates a Diffie-Hellman common key Z (not shown) (hereinafter, simply referred to as “Diffie-Hellman common key”) by using the decrypted public key Ya or Yb. The Diffie-Hellman common key can be used to authenticate a user and to encrypt message information.
However, the use of the key distribution center in the various encryption methods described above cannot be employed in a mobile ad hoc network (hereinafter, abbreviated to “MANET”) which is a collection of wireless mobile hosts forming a temporary network without the aid of any centralized administration or standard support services.
As shown in FIG. 2, since the MANET is independently configured without depending on an existing infrastructure such as the Internet, the topology and link status of the network vary with the movement of each mobile node. Thus, the MANET is not provided with a fixed control device for providing connections to a backbone host or any other mobile hosts.
Accordingly, there cannot exist a key distribution center capable of registering a public key received from each mobile node or providing a relevant public key according to requests from a mobile node.
In the MANET, the Diffie-Hellman encryption method, which creates a common key by combining the private key of one node and the public key of another node, has been widely used.
However, since the Diffie-Hellman encryption method creates a Diffie-Hellman private key and a Diffie-Hellman public key by using predetermined equations with logarithmic characteristics, there is a problem in that the created keys can be easily exposed to unauthorized or malicious parties.
Namely, if a malicious user knowing global public elements q and α used in the Diffie-Hellman encryption method acquires the Diffie-Hellman public keys Ya and Yb of Nodes A and B, the user can obtain the Diffie-Hellman private keys Xa and Xb of Nodes A and B by using the acquired public keys.
Thus, since the malicious user decrypts and interprets a ciphertext being received/transmitted between Nodes A and B, there is a problem in that the Diffie-Hellman key distribution and encryption method itself cannot guarantee security of the ciphertext received/transmitted between Nodes A and B.
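The exchange of FIG. 1b and the key recovery described above, as an added Python example that is not part of the original text: both nodes derive the same common key Z, and an observer holding q, α, Ya and Yb recovers Xa by an exhaustive discrete-logarithm search, whose cost grows with q. The parameter values, function names and search budget are assumptions made for this example.

```python
import secrets

# Constructed toy global public elements: q = 65537 is prime and
# alpha = 3 is a primitive root mod q. Far too small for real use.
Q_TOY, ALPHA = 65537, 3
# A 127-bit prime (2**127 - 1), still small by deployment standards,
# used only to show how the search cost grows with q.
Q_BIG = 2**127 - 1


def dh_keypair(q, alpha):
    """Return (X, Y): private X in [1, q-2], public Y = alpha^X mod q."""
    x = secrets.randbelow(q - 2) + 1
    return x, pow(alpha, x, q)


def dh_common_key(x_own, y_peer, q):
    """Z = (peer's public key)^(own private key) mod q."""
    return pow(y_peer, x_own, q)


def recover_private_key(y, q, alpha, max_steps):
    """Exhaustive discrete-log search an eavesdropper would need:
    find X with alpha^X mod q == y, giving up after max_steps."""
    acc = 1
    for x in range(1, min(q - 1, max_steps) + 1):
        acc = (acc * alpha) % q
        if acc == y:
            return x
    return None


def run_exchange(q, alpha, eavesdrop_budget):
    """Run one exchange; return (Z at A, Z at B, Z seen by observer or None)."""
    xa, ya = dh_keypair(q, alpha)          # Node A creates (Xa, Ya)
    xb, yb = dh_keypair(q, alpha)          # Node B creates (Xb, Yb)
    za = dh_common_key(xa, yb, q)          # A combines Xa with Yb
    zb = dh_common_key(xb, ya, q)          # B combines Xb with Ya
    guess = recover_private_key(ya, q, alpha, eavesdrop_budget)
    z_eve = dh_common_key(guess, yb, q) if guess is not None else None
    return za, zb, z_eve


if __name__ == "__main__":
    print("toy q:", run_exchange(Q_TOY, ALPHA, 10**6))
    print("big q:", run_exchange(Q_BIG, ALPHA, 10**6))
```

With the toy q the third value equals the first two; the search is bounded by `max_steps`, so the size of q decides whether the recovery is feasible.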
Therefore, there is a need for a method of distributing encryption keys, which guarantees security of a ciphertext in the MANET.